Known Vulnerabilities for products from Evernote
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Evernote".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-54422 json | Not Provided | 2024-12-16 | 2026-04-23 | |
| CVE-2020-17759 json | An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This enables attackers for arb... | 8.8 - HIGH | 2021-06-24 | 2021-07-01 |
| CVE-2019-17051 json | Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment ... | 7.8 - HIGH | 2019-09-30 | 2021-07-21 |
| CVE-2019-12592 json | A universal Cross-site scripting (UXSS) vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows r... | 6.1 - MEDIUM | 2019-06-18 | 2019-06-19 |
| CVE-2019-10038 json | Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such... | 7.8 - HIGH | 2019-05-31 | 2020-05-11 |
| CVE-2018-20351 json | The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832. | 6.1 - MEDIUM | 2018-12-22 | 2019-01-09 |
| CVE-2018-20058 json | In Evernote before 7.6 on macOS, there is a local file path traversal issue in attachment previewing, aka MACOSNOTE-28634. | 7.5 - HIGH | 2018-12-11 | 2020-05-11 |
| CVE-2018-19658 json | The Markdown editor in YXBJ before 8.3.2 on macOS has stored XSS. This behavior may be encountered by some Evernote users; ho... | 5.4 - MEDIUM | 2020-03-02 | 2021-09-08 |
| CVE-2018-18524 json | Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. An attacker can use this XSS issue to inject N... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2016-4900 json | Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges ... | 7.8 - HIGH | 2017-05-22 | 2017-06-01 |
| CVE-2013-5116 json | Evernote prior to 5.5.1 has insecure password change | 7.1 - HIGH | 2020-01-31 | 2020-02-03 |
| CVE-2013-5112 json | Evernote before 5.5.1 has insecure PIN storage | 4.6 - MEDIUM | 2020-01-31 | 2020-02-10 |
Known software with vulnerabilities from Evernote
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Evernote | Evernote | - |
| Application | Evernote | Web Clipper | 7.11.1 |
| Application | Evernote | Yinxiang Biji | 8.3.2 |